User is already in that group"

          }

          error :  null

        ERROR OUTPUT::

          id : <id_given_in_input>

          result : null

          error :  {

            "failed to add member to user group `<user_group_name>`"

          }

        """

        user = get_user_or_error(userid)

        user_group = get_user_group_or_error(usergroupid)

        if not HasPermissionAny('hg.admin')():

            if not HasUserGroupPermissionLevel('admin')(user_group.users_group_name):

                raise JSONRPCError('user group `%s` does not exist' % (usergroupid,))

        try:

            ugm = UserGroupModel().add_user_to_group(user_group, user)

            success = True if ugm is not True else False

            msg = 'added member `%s` to user group `%s`' % (

                user.username, user_group.users_group_name

            )

            msg = msg if success else 'User is already in that group'

            meta.Session().commit()

            return dict(

                success=success,

                msg=msg

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to add member to user group `%s`' % (

                    user_group.users_group_name,

                )

            )

    # permission check inside

    def remove_user_from_user_group(self, usergroupid, userid):

        """

        Removes a user from a user group. If user is not in given group success will

        be `false`. This command can be executed only

        using api_key belonging to user with admin rights or an admin of given user group

        :param usergroupid:

        :param userid:

        OUTPUT::

            id : <id_given_in_input>

            result: {

                      "success":  True|False,  # depends on if member is in group

                      "msg": "removed member <username> from user group <groupname> |

                              User wasn't in group"

                    }

            error:  null

        """

        user = get_user_or_error(userid)

        user_group = get_user_group_or_error(usergroupid)

        if not HasPermissionAny('hg.admin')():

            if not HasUserGroupPermissionLevel('admin')(user_group.users_group_name):

                raise JSONRPCError('user group `%s` does not exist' % (usergroupid,))

        try:

            success = UserGroupModel().remove_user_from_group(user_group, user)

            msg = 'removed member `%s` from user group `%s`' % (

                user.username, user_group.users_group_name

            )

            msg = msg if success else "User wasn't in group"

            meta.Session().commit()

            return dict(success=success, msg=msg)

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to remove member from user group `%s`' % (

                    user_group.users_group_name,

                )

            )

    # permission check inside

    def get_repo(self, repoid,

                 with_revision_names=False,

                 with_pullrequests=False):

        """

        Gets an existing repository by it's name or repository_id. Members will return

        either users_group or user associated to that repository. This command can be

        executed only using api_key belonging to user with admin

        rights or regular user that have at least read access to repository.

        :param repoid: repository name or repository id

        :type repoid: str or int

        OUTPUT::

          id : <id_given_in_input>

          result : {

            {

                "repo_id" :          "<repo_id>",

                "repo_name" :        "<reponame>"

                "repo_type" :        "<repo_type>",

                "clone_uri" :        "<clone_uri>",

                "enable_downloads":  "<bool>",

                "enable_statistics": "<bool>",

                "private":           "<bool>",

                "created_on" :       "<date_time_created>",

                "description" :      "<description>",

                "landing_rev":       "<landing_rev>",

                "last_changeset":    {

                                       "author":   "<full_author>",

                                       "date":     "<date_time_of_commit>",

                                       "message":  "<commit_message>",

                                       "raw_id":   "<raw_id>",

                                       "revision": "<numeric_revision>",

                                       "short_id": "<short_id>"

                                     }

                "owner":             "<repo_owner>",

                "fork_of":           "<name_of_fork_parent>",

                "members" :     [

                                  {

                                    "name":     "<username>",

                                    "type" :    "user",

                                    "permission" : "repository.(read|write|admin)"

                                  },

                                  …

                                  {

                                    "name":     "<usergroup name>",

                                    "type" :    "user_group",

                                    "permission" : "usergroup.(read|write|admin)"

                                  },

                                  …

                                ]

                 "followers":   [<user_obj>, ...],

                 <if with_revision_names == True>

                 "tags": {

                            "<tagname>": "<raw_id>",

                            ...

                         },

                 "branches": {

                            "<branchname>": "<raw_id>",

                            ...

                         },

                 "bookmarks": {

                            "<bookmarkname>": "<raw_id>",

                            ...

                         },

            }

          }

          error :  null

        """

        repo = get_repo_or_error(repoid)

        if not HasPermissionAny('hg.admin')():

            if not HasRepoPermissionLevel('read')(repo.repo_name):

                raise JSONRPCError('repository `%s` does not exist' % (repoid,))

        members = []

        for user in repo.repo_to_perm:

            perm = user.permission.permission_name

            user = user.user

            user_data = {

                'name': user.username,

                'type': "user",

                'permission': perm

            }

            members.append(user_data)

        for user_group in repo.users_group_to_perm:

            perm = user_group.permission.permission_name

            user_group = user_group.users_group

            user_group_data = {

                'name': user_group.users_group_name,

                'type': "user_group",

                'permission': perm

            }

            members.append(user_group_data)

        followers = [

            uf.user.get_api_data()

            for uf in repo.followers

        ]

        data = repo.get_api_data(with_revision_names=with_revision_names,

                                 with_pullrequests=with_pullrequests)

        data['members'] = members

        data['followers'] = followers

        return data

    # permission check inside

    def get_repos(self):

        """

        Lists all existing repositories. This command can be executed only using

        api_key belonging to user with admin rights or regular user that have

        admin, write or read access to repository.

        OUTPUT::

            id : <id_given_in_input>

            result: [

                      {

                        "repo_id" :          "<repo_id>",

                        "repo_name" :        "<reponame>"

                        "repo_type" :        "<repo_type>",

                        "clone_uri" :        "<clone_uri>",

                        "private": :         "<bool>",

                        "created_on" :       "<datetimecreated>",

                        "description" :      "<description>",

                        "landing_rev":       "<landing_rev>",

                        "owner":             "<repo_owner>",

                        "fork_of":           "<name_of_fork_parent>",

                        "enable_downloads":  "<bool>",

                        "enable_statistics": "<bool>",

                      },

                      …

                    ]

            error:  null

        """

        if not HasPermissionAny('hg.admin')():

            repos = request.authuser.get_all_user_repos()

        else:

            repos = db.Repository.query()

        return [

            repo.get_api_data()

            for repo in repos

        ]

    # permission check inside

    def get_repo_nodes(self, repoid, revision, root_path,

                       ret_type='all'):

        """

        returns a list of nodes and it's children in a flat list for a given path

        at given revision. It's possible to specify ret_type to show only `files` or

        `dirs`.  This command can be executed only using api_key belonging to

        user with admin rights or regular user that have at least read access to repository.

        :param repoid: repository name or repository id

        :type repoid: str or int

        :param revision: revision for which listing should be done

        :type revision: str

        :param root_path: path from which start displaying

        :type root_path: str

        :param ret_type: return type 'all|files|dirs' nodes

        :type ret_type: Optional(str)

        OUTPUT::

            id : <id_given_in_input>

            result: [

                      {

                        "name" :        "<name>"

                        "type" :        "<type>",

                      },

                      …

                    ]

            error:  null

        """

        repo = get_repo_or_error(repoid)

        if not HasPermissionAny('hg.admin')():

            if not HasRepoPermissionLevel('read')(repo.repo_name):

                raise JSONRPCError('repository `%s` does not exist' % (repoid,))

        _map = {}

        try:

            _d, _f = ScmModel().get_nodes(repo, revision, root_path,

                                          flat=False)

            _map = {

                'all': _d + _f,

                'files': _f,

                'dirs': _d,

            }

            return _map[ret_type]

        except KeyError:

            raise JSONRPCError('ret_type must be one of %s'

                               % (','.join(sorted(_map))))

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to get repo: `%s` nodes' % repo.repo_name

            )

    @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')

    def create_repo(self, repo_name, owner=None,

                    repo_type=None, description='',

                    private=False, clone_uri=None,

                    landing_rev='rev:tip',

                    enable_statistics=None,

                    enable_downloads=None,

                    copy_permissions=False):

        """

        Creates a repository. The repository name contains the full path, but the

        parent repository group must exist. For example "foo/bar/baz" require the groups

        "foo" and "bar" (with "foo" as parent), and create "baz" repository with

        "bar" as group. This command can be executed only using api_key

        belonging to user with admin rights or regular user that have create

        repository permission. Regular users cannot specify owner parameter

        :param repo_name: repository name

        :type repo_name: str

        :param owner: user_id or username

        :type owner: Optional(str)

        :param repo_type: 'hg' or 'git'

        :type repo_type: Optional(str)

        :param description: repository description

        :type description: Optional(str)

        :param private:

        :type private: bool

        :param clone_uri:

        :type clone_uri: str

        :param landing_rev: <rev_type>:<rev>

        :type landing_rev: str

        :param enable_downloads:

        :type enable_downloads: bool

        :param enable_statistics:

        :type enable_statistics: bool

        :param copy_permissions: Copy permission from group that repository is

            being created.

        :type copy_permissions: bool

        OUTPUT::

            id : <id_given_in_input>

            result: {

                      "msg": "Created new repository `<reponame>`",

                      "success": true,

                      "task": "<celery task id or None if done sync>"

                    }

            error:  null

        ERROR OUTPUT::

          id : <id_given_in_input>

          result : null

          error :  {

             'failed to create repository `<repo_name>`

          }

        """

        if not HasPermissionAny('hg.admin')():

            if owner is not None:

                # forbid setting owner for non-admins

                raise JSONRPCError(

                    'Only Kallithea admin can specify `owner` param'

                )

        if owner is None:

            owner = request.authuser.user_id

        owner = get_user_or_error(owner)

        if RepoModel().get_by_repo_name(repo_name):

            raise JSONRPCError("repo `%s` already exist" % repo_name)

        defs = db.Setting.get_default_repo_settings(strip_prefix=True)

        if private is None:

            private = defs.get('repo_private') or False

        if repo_type is None:

            repo_type = defs.get('repo_type')

        if enable_statistics is None:

            enable_statistics = defs.get('repo_enable_statistics')

        if enable_downloads is None:

            enable_downloads = defs.get('repo_enable_downloads')

        try:

            repo_name_parts = repo_name.split('/')

            repo_group = None

            if len(repo_name_parts) > 1:

                group_name = '/'.join(repo_name_parts[:-1])

                repo_group = db.RepoGroup.get_by_group_name(group_name)

                if repo_group is None:

                    raise JSONRPCError("repo group `%s` not found" % group_name)

            data = dict(

                repo_name=repo_name_parts[-1],

                repo_name_full=repo_name,

                repo_type=repo_type,

                repo_description=description,

                repo_private=private,

                clone_uri=clone_uri,

                repo_group=repo_group,

                repo_landing_rev=landing_rev,

                enable_statistics=enable_statistics,

                enable_downloads=enable_downloads,

                repo_copy_permissions=copy_permissions,

            )

            task = RepoModel().create(form_data=data, cur_user=owner.username)

            task_id = task.task_id

            # no commit, it's done in RepoModel, or async via celery

            return dict(

                msg="Created new repository `%s`" % (repo_name,),

                success=True,  # cannot return the repo data here since fork

                               # can be done async

                task=task_id

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to create repository `%s`' % (repo_name,))

    # permission check inside

    def update_repo(self, repoid, name=None,

                    owner=None,

                    group=None,

                    description=None, private=None,

                    clone_uri=None, landing_rev=None,

                    enable_statistics=None,

                    enable_downloads=None):

        """

        Updates repo

        :param repoid: repository name or repository id

        :type repoid: str or int

        :param name:

        :param owner:

        :param group:

        :param description:

        :param private:

        :param clone_uri:

        :param landing_rev:

        :param enable_statistics:

        :param enable_downloads:

        """

        repo = get_repo_or_error(repoid)

        if not HasPermissionAny('hg.admin')():

            if not HasRepoPermissionLevel('admin')(repo.repo_name):

                raise JSONRPCError('repository `%s` does not exist' % (repoid,))

            if (name != repo.repo_name and

                not HasPermissionAny('hg.create.repository')()

            ):

                raise JSONRPCError('no permission to create (or move) repositories')

            if owner is not None:

                # forbid setting owner for non-admins

                raise JSONRPCError(

                    'Only Kallithea admin can specify `owner` param'

                )

        updates = {}

        repo_group = group

        if repo_group is not None:

            repo_group = get_repo_group_or_error(repo_group)

            repo_group = repo_group.group_id

        try:

            store_update(updates, name, 'repo_name')

            store_update(updates, repo_group, 'repo_group')

            store_update(updates, owner, 'owner')

            store_update(updates, description, 'repo_description')

            store_update(updates, private, 'repo_private')

            store_update(updates, clone_uri, 'clone_uri')

            store_update(updates, landing_rev, 'repo_landing_rev')

            store_update(updates, enable_statistics, 'repo_enable_statistics')

            store_update(updates, enable_downloads, 'repo_enable_downloads')

            RepoModel().update(repo, **updates)

            meta.Session().commit()

            return dict(

                msg='updated repo ID:%s %s' % (repo.repo_id, repo.repo_name),

                repository=repo.get_api_data()

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError('failed to update repo `%s`' % repoid)

    @HasPermissionAnyDecorator('hg.admin', 'hg.fork.repository')

    def fork_repo(self, repoid, fork_name,

                  owner=None,

                  description='', copy_permissions=False,

                  private=False, landing_rev='rev:tip'):

        """

        Creates a fork of given repo. In case of using celery this will

        immediately return success message, while fork is going to be created

        asynchronous. This command can be executed only using api_key belonging to

        user with admin rights or regular user that have fork permission, and at least

        read access to forking repository. Regular users cannot specify owner parameter.

        :param repoid: repository name or repository id

        :type repoid: str or int

        :param fork_name:

        :param owner:

        :param description:

        :param copy_permissions:

        :param private:

        :param landing_rev:

        INPUT::

            id : <id_for_response>

            api_key : "<api_key>"

            args:     {

                        "repoid" :          "<reponame or repo_id>",

                        "fork_name":        "<forkname>",

                        "owner":            "<username or user_id = Optional(=apiuser)>",

                        "description":      "<description>",

                        "copy_permissions": "<bool>",

                        "private":          "<bool>",

                        "landing_rev":      "<landing_rev>"

                      }

        OUTPUT::

            id : <id_given_in_input>

            result: {

                      "msg": "Created fork of `<reponame>` as `<forkname>`",

                      "success": true,

                      "task": "<celery task id or None if done sync>"

                    }

            error:  null

        """

        repo = get_repo_or_error(repoid)

        repo_name = repo.repo_name

        _repo = RepoModel().get_by_repo_name(fork_name)

        if _repo:

            type_ = 'fork' if _repo.fork else 'repo'

            raise JSONRPCError("%s `%s` already exist" % (type_, fork_name))

        if HasPermissionAny('hg.admin')():

            pass

        elif HasRepoPermissionLevel('read')(repo.repo_name):

            if owner is not None:

                # forbid setting owner for non-admins

                raise JSONRPCError(

                    'Only Kallithea admin can specify `owner` param'

                )

            if not HasPermissionAny('hg.create.repository')():

                raise JSONRPCError('no permission to create repositories')

        else:

            raise JSONRPCError('repository `%s` does not exist' % (repoid,))

        if owner is None:

            owner = request.authuser.user_id

        owner = get_user_or_error(owner)

        try:

            fork_name_parts = fork_name.split('/')

            repo_group = None

            if len(fork_name_parts) > 1:

                group_name = '/'.join(fork_name_parts[:-1])

                repo_group = db.RepoGroup.get_by_group_name(group_name)

                if repo_group is None:

                    raise JSONRPCError("repo group `%s` not found" % group_name)

            form_data = dict(

                repo_name=fork_name_parts[-1],

                repo_name_full=fork_name,

                repo_group=repo_group,

                repo_type=repo.repo_type,

                description=description,

                private=private,

                copy_permissions=copy_permissions,

                landing_rev=landing_rev,

                update_after_clone=False,

                fork_parent_id=repo.repo_id,

            )

            task = RepoModel().create_fork(form_data, cur_user=owner.username)

            # no commit, it's done in RepoModel, or async via celery

            task_id = task.task_id

            return dict(

                msg='Created fork of `%s` as `%s`' % (repo.repo_name,

                                                      fork_name),

                success=True,  # cannot return the repo data here since fork

                               # can be done async

                task=task_id

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to fork repository `%s` as `%s`' % (repo_name,

                                                            fork_name)

            )

    # permission check inside

    def delete_repo(self, repoid, forks=''):

        """

        Deletes a repository. This command can be executed only using api_key belonging

        to user with admin rights or regular user that have admin access to repository.

        When `forks` param is set it's possible to detach or delete forks of deleting

        repository

        :param repoid: repository name or repository id

        :type repoid: str or int

        :param forks: `detach` or `delete`, what do do with attached forks for repo

        :type forks: Optional(str)

        OUTPUT::

            id : <id_given_in_input>

            result: {

                      "msg": "Deleted repository `<reponame>`",

                      "success": true

                    }

            error:  null

        """

        repo = get_repo_or_error(repoid)

        if not HasPermissionAny('hg.admin')():

            if not HasRepoPermissionLevel('admin')(repo.repo_name):

                raise JSONRPCError('repository `%s` does not exist' % (repoid,))

        try:

            handle_forks = forks

            _forks_msg = ''

            _forks = [f for f in repo.forks]

            if handle_forks == 'detach':

                _forks_msg = ' ' + 'Detached %s forks' % len(_forks)

            elif handle_forks == 'delete':

                _forks_msg = ' ' + 'Deleted %s forks' % len(_forks)

            elif _forks:

                raise JSONRPCError(

                    'Cannot delete `%s` it still contains attached forks' %

                    (repo.repo_name,)

                )

            RepoModel().delete(repo, forks=forks)

            meta.Session().commit()

            return dict(

                msg='Deleted repository `%s`%s' % (repo.repo_name, _forks_msg),

                success=True

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to delete repository `%s`' % (repo.repo_name,)

            )

    @HasPermissionAnyDecorator('hg.admin')

    def grant_user_permission(self, repoid, userid, perm):

        """

        Grant permission for user on given repository, or update existing one

        if found. This command can be executed only using api_key belonging to user

        with admin rights.

        :param repoid: repository name or repository id

        :type repoid: str or int

        :param userid:

        :param perm: (repository.(none|read|write|admin))

        :type perm: str

        OUTPUT::

            id : <id_given_in_input>

            result: {

                      "msg" : "Granted perm: `<perm>` for user: `<username>` in repo: `<reponame>`",

                      "success": true

                    }

            error:  null

        """

        repo = get_repo_or_error(repoid)

        user = get_user_or_error(userid)

        perm = get_perm_or_error(perm)

        try:

            RepoModel().grant_user_permission(repo=repo, user=user, perm=perm)

            meta.Session().commit()

            return dict(

                msg='Granted perm: `%s` for user: `%s` in repo: `%s`' % (

                    perm.permission_name, user.username, repo.repo_name

                ),

                success=True

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to edit permission for user: `%s` in repo: `%s`' % (

                    userid, repoid

                )

            )

    @HasPermissionAnyDecorator('hg.admin')

    def revoke_user_permission(self, repoid, userid):

        """

        Revoke permission for user on given repository. This command can be executed

        only using api_key belonging to user with admin rights.

        :param repoid: repository name or repository id

        :type repoid: str or int

        :param userid:

        OUTPUT::

            id : <id_given_in_input>

            result: {

                      "msg" : "Revoked perm for user: `<username>` in repo: `<reponame>`",

                      "success": true

                    }

            error:  null

        """

        repo = get_repo_or_error(repoid)

        user = get_user_or_error(userid)

        try:

            RepoModel().revoke_user_permission(repo=repo, user=user)

            meta.Session().commit()

            return dict(

                msg='Revoked perm for user: `%s` in repo: `%s`' % (

                    user.username, repo.repo_name

                ),

                success=True

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to edit permission for user: `%s` in repo: `%s`' % (

                    userid, repoid

                )

            )

    # permission check inside

    def grant_user_group_permission(self, repoid, usergroupid, perm):

        """

        Grant permission for user group on given repository, or update

        existing one if found. This command can be executed only using

        api_key belonging to user with admin rights.

        :param repoid: repository name or repository id

        :type repoid: str or int

        :param usergroupid: id of usergroup

        :type usergroupid: str or int

        :param perm: (repository.(none|read|write|admin))

        :type perm: str

        OUTPUT::

          id : <id_given_in_input>

          result : {

            "msg" : "Granted perm: `<perm>` for group: `<usersgroupname>` in repo: `<reponame>`",

            "success": true

          }

          error :  null

        ERROR OUTPUT::

          id : <id_given_in_input>

          result : null

          error :  {

            "failed to edit permission for user group: `<usergroup>` in repo `<repo>`'

          }

        """

        repo = get_repo_or_error(repoid)

        perm = get_perm_or_error(perm)

        user_group = get_user_group_or_error(usergroupid)

        if not HasPermissionAny('hg.admin')():

            if not HasRepoPermissionLevel('admin')(repo.repo_name):

                raise JSONRPCError('repository `%s` does not exist' % (repoid,))

            if not HasUserGroupPermissionLevel('read')(user_group.users_group_name):

                raise JSONRPCError('user group `%s` does not exist' % (usergroupid,))

        try: